NASA has uncovered a potential security flaw that could affect spacecraft, but exactly how dangerous is it?
According to Michigan news, researchers from the University of Michigan, the University of Pennsylvania, and NASA have uncovered a significant security flaw in networking technology that is used in spacecraft, airplanes, energy generation systems, and industrial control systems.
The flaw reportedly abuses a network protocol and hardware system known as time-triggered ethernet (TTE), which is a system that allows mission-critical devices, such as life support systems, to coexist on the same network hardware as less important devices, such as passenger Wi-Fi, or data collection systems.
However, how much of a threat does this security flaw impose on future space explorations?
How Does TTE, PCspooF Affect NASA's Spacecraft?
According to Techradar, TTE has been regarded as safe for more than a decade since the two types of network traffic were never permitted to interfere with one another on the same endpoint. Researchers stated that TTW was created to improve efficiency while lowering network expenses.
However, researchers have uncovered an online attack known as PCspooF, which originated from research titled "PCspooF: Compromising the Safety of Time-Triggered Ethernet." Due to the recent findings,
the team introduced the potential security flaw by simulating an asteroid redirection test, specifically the phase where a capsule must dock with a spaceship, using actual NASA technology.
Alarmingly, the PCspooF attack combined important and non-vital communication as the capsule attempted to dock, interfering with messages moving through the system and setting off a cascading effect. The capsule eventually swerved off course and completely missed the dock.
"We wanted to determine what the impact would be in a real system," According to Assistant Professor Baris Kasikci from the Morris Wellman Faculty. "If someone executed this attack in a real spaceflight mission, what would the damage be?"
Additionally, a similar system can also be used to compromise TTE-dependent systems in industrial control systems, power plants, and airplanes. An attacker with physical access may be able to harm vital infrastructure in a way that might not be immediately apparent if done right.
Researchers Confirm No 'Current' Known Threat, Introduces Solutions
However, despite the uncovered potential security flaw, researchers clarified that it may not be an urgent threat as it can still be resolved.
The University of Michigan, the University of Pennsylvania, and NASA emphasize that there is no "current" known hazard. Engadget reports that remote attacks are unlikely as pulling off a PCSpooF attack requires planting a small, malicious device on the network first.
As a solution, researchers have found that replacing copper Ethernet lines with fiber optic cables or putting optical isolators between switches and untrusted devices can be a solution to the issue.
Although doing so would impact cost and performance, it would reduce the possibility of electromagnetic interference to disable security breaches like PCspooF attacks.
Related Article : NASA and Space Force Order Several Launches from SpaceX and ULA for National Security Missions!
This article is owned by TechTimes
Written by: Andi C.